iOS 7 will hop from one Wi-Fi hotspot to another, no password needed

Hotspot 2.0 provides automatic access to (some) Wi-Fi hotspots.

We haven't quite hit the stage where phones and tablets can roam from any public Wi-Fi network to another as easily as they hop from one cell tower to another. But an attempt to create a network of hotspots supporting seamless handoffs got some more support yesterday with Apple's announcement of iOS 7.

The new version of the operating system for iPhones and iPads will support the Wi-Fi Alliance's Hotspot 2.0 specification. Apple didn't talk about this during its Worldwide Developer Conference presentation, but the support for Hotspot 2.0 was confirmed on one of the slides shown during the presentation.

Hotspot 2.0 is the technology specification behind the Wi-Fi Alliance's Passpoint certification program. As we wrote last year, the goal of Passpoint is to create a Wi-Fi extension of cellular networks, making it easier for service providers to offload traffic and give users faster Internet connections. Instead of typing in a password, a user could authenticate to the network automatically by virtue of owning a device with a SIM card. Passpoint-enabled devices within range of a Passpoint-supporting hotspot would automatically join it and get the benefit of WPA2 security.

The problem is adoption, of course. Passpoint needs a large network of hotspots to be useful. We don't know exactly how many such hotspots will come into being, but a Wi-Fi Alliance spokesperson today pointed out to us that 30 operators are conducting Passpoint trials and that we can expect deployments later this year. Hotspot 2.0 was developed in part by companies like AT&T, Boingo, CableVision, Comcast, TimeWarner, and China Mobile, which are among the firms conducting the trials.

Getting the biggest smartphone makers on board is crucial too. Apple's top rival in the smartphone market, Samsung, is already supporting Passpoint in the Galaxy S4. Dozens of wireless access points, controllers, and other network products have also been certified to support the technology.

It is great for closed hotspot providers that they will be able to automatically authenticate users. But I'm more concerned with how my device will be able to authenticate a trustworthy hotspot. I haven't found any information on this -- anyone here know?

EDITI have done some more research on this. GPRS and EDGE don't authenticate the network to the phone (besides just claiming who they are). Apparently HSPA and LTE do authenticate the network (I think?), but are vulnerable to automatic network downgrades to GPRS or EDGE. See http://en.wikipedia.org/wiki/IMSI-catcher

The ANQP outline says: "The mobile device then compares the hotspot operator's name(s)." This implies to me that there is not authentication of the network to the phone besides claiming their name. I'm still not 100% on this, though.

It seems to me that this could be a huge security hole, as custom wifi hotspots are much more ubiquitous compared to custom cell towers -- and thus much more likely to be taken advantage of.

An upside is that any malicious hotspot would have to claim to be a legitimate operator (as opposed to a one-off free, public, open one). An additional downside is that the protocol appears to be written with the assumption of a single hotspot provider with roaming agreements -- I would much prefer being able to add any network that I trust (along with the credentials), just as I can now with SSIDs.

The auto-authentication part is what is key. You could setup your iDevice (and eventually Android device too) to automatically authenticate to the third-party WiFi networks you have access to. The bad part about this in my experience with "attwifi", LTE is usually faster than their WiFi, and there isn't a significant delay in setting up the access (e.g. if I'm walking past a place with an AT&T WiFi AP, it might grab on, even if I'm going to be out of range in another 30 seconds). Comcast and others recognize this - their goal is 802.11ac and 160MHz channel widths to make sure all users have superfast speeds - faster than LTE or LTE-Adv could deliver - when they connect to the AP.

How is it different from what we already have with Free in france ?Every subscriber's dsl "box" is a relay, so in a city like paris, we're almost guaranteed to find a password-free hotspot very easily.Only it doesn't "roam" very well yet. Works much better when you're at a cofee table for example

The auto-authentication part is what is key. You could setup your iDevice (and eventually Android device too) to automatically authenticate to the third-party WiFi networks you have access to. The bad part about this in my experience with "attwifi", LTE is usually faster than their WiFi, and there isn't a significant delay in setting up the access (e.g. if I'm walking past a place with an AT&T WiFi AP, it might grab on, even if I'm going to be out of range in another 30 seconds). Comcast and others recognize this - their goal is 802.11ac and 160MHz channel widths to make sure all users have superfast speeds - faster than LTE or LTE-Adv could deliver - when they connect to the AP.

Copyright wars are going to explode and both AT&T and Comcast will continue to get their panties twisted because Users are over-taxing their systems.

As it stands now, small cells are going to be what's deployed. Basically, macro cells will form one network, while groups of small cells will form underlying networks where there are congregated masses (stadiums, malls, etc).

Basically the only purpose of this is to authenticate the access point to the user.

Which it does by registering the access point with Yet Another Central Authority. Which is operated by the same old carrier oligarchy, so you can expect small providers to get screwed and you can expect free access to be thin on the ground. And they'll put exactly as much effort into making those authenticated access points actually trustworthy as users force them to... which means pretty close to zero. Which means that only a fool would trust an access point just because it was "authenticated".

Which means you might as well just use whatever access point you run across and then VPN back to somewhere safer.

The only value in this is for the carriers. I predict that it will die slowly and quietly, as users just keep using the free cafe networks that are all over every major city... which will probably never be part of this plan. The only thing that might interfere with that is stupid open access paranoia shutting down the free networks.

A question here is as Samsung is only supporting this on the S 4 (at least so far), does this mean that it needs specific hardware support as well, or will any iPhone supported by iOS 7 have this functionality?

My Laptop already does this. Nothing new. Just new that's its being advertised as a feature. The password must be entered once, then it is stored, so the next time your in that WiFi zone your PC automatically connects. At least that is what my laptop and every one else does that I know of.

Then there is boingo which takes it a bit further for the unsecured ones.

As far as with the simcard thing, many of the carriers have been doing this for a few years now.

How is it different from what we already have with Free in france ?Every subscriber's dsl "box" is a relay, so in a city like paris, we're almost guaranteed to find a password-free hotspot very easily.Only it doesn't "roam" very well yet. Works much better when you're at a cofee table for example

Is it intended that way, or simply a consequence of a majority of customers not securing their home Wi-Fi?

The auto-authentication part is what is key. You could setup your iDevice (and eventually Android device too) to automatically authenticate to the third-party WiFi networks you have access to. The bad part about this in my experience with "attwifi", LTE is usually faster than their WiFi, and there isn't a significant delay in setting up the access (e.g. if I'm walking past a place with an AT&T WiFi AP, it might grab on, even if I'm going to be out of range in another 30 seconds). Comcast and others recognize this - their goal is 802.11ac and 160MHz channel widths to make sure all users have superfast speeds - faster than LTE or LTE-Adv could deliver - when they connect to the AP.

There is no way an LTE connection is faster then a 5.0Ghz 802.11N connection. Don't get fooled into the speed of a website because of the cache exists on your phone.

The auto-authentication part is what is key. You could setup your iDevice (and eventually Android device too) to automatically authenticate to the third-party WiFi networks you have access to. The bad part about this in my experience with "attwifi", LTE is usually faster than their WiFi, and there isn't a significant delay in setting up the access (e.g. if I'm walking past a place with an AT&T WiFi AP, it might grab on, even if I'm going to be out of range in another 30 seconds). Comcast and others recognize this - their goal is 802.11ac and 160MHz channel widths to make sure all users have superfast speeds - faster than LTE or LTE-Adv could deliver - when they connect to the AP.

There is no way an LTE connection is faster then a 5.0Ghz 802.11N connection. Don't get fooled into the speed of a website because of the cache exists on your phone.

He didn't mention what standard the slow AT&T service he's tried used. (Some access points may be outdated hardware.) Furthermore, if the back-haul is slow or the acess point congested, then it doesn't matter which wifi standard is being used.

@rainynight65 "Is it intended that way, or simply a consequence of a majority of customers not securing their home Wi-Fi?"

It's definitely intended that way. But I was a bit quick in my description. There is an authentication that uses your chip instead of user/pass. And the way it's done hotspotters don't have access to the box's LAN. It tunnels through transparently. (And vice versa of course).

The only way to shut it down on your box is to disable the feature for yourself, ie you won't be able to log into other people's boxes any more.

Speed seems to be throttled too, around 100 kbytes/s. (instead of the usual 1 or 2 megabytes we get with dsl).

I imagine this is a bigger deal outside the US. I was just in Thailand and each cell network also has a bunch of wifi hotspot , sometime blanketing downtown areas, sometimes at 7-Elevens (they sell prepaid SIM cards). The ability to seamlessly roam onto these wifi networks would be huge benefit. The same is true for wireless + word provider trying to reduce wireless bandwidth use. I can see AT&T, Verizon, etc... Implementing this in the US by baking firewalled guest wifi into all their modems, or maybe even curbside in thier drop boxes....